Headline
CVE-2023-1170: patch 9.0.1376: accessing invalid memory with put in Visual block mode · vim/vim@1c73b65
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376.
@@ -1928,7 +1928,7 @@ do_put( ptr += yanklen;
// insert block’s trailing spaces only if there’s text behind if ((j < count - 1 || !shortline) && spaces) if ((j < count - 1 || !shortline) && spaces > 0) { vim_memset(ptr, ' ', (size_t)spaces); ptr += spaces; @@ -2284,6 +2284,15 @@ do_put( msgmore(nr_lines); curwin->w_set_curswant = TRUE;
// Make sure the cursor is not after the NUL. int len = (int)STRLEN(ml_get_curline()); if (curwin->w_cursor.col > len) { if (cur_ve_flags == VE_ALL) curwin->w_cursor.coladd = curwin->w_cursor.col - len; curwin->w_cursor.col = len; }
end: if (cmdmod.cmod_flags & CMOD_LOCKMARKS) {
Related news
Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.
Ubuntu Security Notice 5963-1 - It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 22.10.